Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

To access an API programmatically, a new Keycloak user needs to be added to the LIN realm. The username and password can then be exchanged for a JWT token to make a request to a protected service. The following script show how a JWT token can be acquired and how that token is used to make an authenticated request, in this case, our jamesh user;

Code Block
#! /bin/bash

# Step3Step 1
export TOKEN=$(curl -s 'https://dev-apps.lin.nhs.uk/auth/realms/lin/protocol/openid-connect/token' -d "client_id=api-tokens&username=jamesh&password=j4m3srul3z&grant_type=password" | jq -r .access_token)

# Step 2 - optional
curl https://dev-apps.lin.nhs.uk/auth/realms/lin/protocol/openid-connect/token/introspect \
	-d client_id=<client id> \
	-d client_secret=<client secret> \
	-d "token=${TOKEN}" \
	| python -m json.tool

# Step 3
curl -i -H "Authorization: bearer ${TOKEN}" \
 	https://dev-apps.lin.nhs.uk/api/revalidation/health 

...